Half of Chrome’s AI extensions are stealing your data – see the surprisingly worst offenders



ZDNET Highlights

  • Browser extensions are tracking more of your data.
  • Many AI generating tools are collecting lots of personal information.
  • Users should be wary of unreasonable permission requests.

Browser extensions have increasingly become a security risk as publishers have become more cautious about the code they may hide in them. AI is only increasing that threat, especially when it comes to tracking user data — and some of your most-used apps are doing a lot of the scraping.

New research from data removal service Incogni revealed that more than half of a sample set of AI Chrome extensions collected user data. About a third are “collecting personally identifiable information (PII).”

“These were downloaded approximately 115.5 million times, meaning they could collectively have that many users,” writes Incogni, one of ZDNET’s favorite data removal services.


Here are the most invasive extensions identified by the study, along with steps you can take to protect your privacy.

Conclusion

Now in its second year, Incogni’s study analyzed 442 “AI-branded” Chrome extensions between January 5 and January 7, examining what permissions each one requires and the data each might reveal. It also took into account “personal data collected by developers of extensions through their voluntary declarations and, finally, the risk-impact and risk-probability scores associated with each extension.”


The company noted that Grammarly — a product in a suite of tools owned by a company that now goes by Superhuman — and AI content detector Quillbot “are the most potentially privacy-harmful,” especially given their prevalence in Incogni’s dataset with more than two million downloads. Other offenders with “both high risk potential and high risk impact” include Neely AI Sidebar and Ezmate.

Specifically, the company noted that 42% of extensions use “scripting”, a permission that lets an extension capture what you type or alter what you see, and this is considered particularly risky. According to Incogni, this could affect up to 92 million users.

About a third of extensions collected website content and PII, but Incogni said that “it appears that more users are likely to (share) user activity than any other data type.”


Overall, the extensions that Incogni classified as “programming and mathematical assistants” were the riskiest based on the data they collected and the permissions they required. They are closely followed by “meeting assistants and audio transcribers” and writing assistants; Incogni advises users to be extra vigilant with these categories.

However, some categories of extensions proved to be less dangerous than others; the research found that “audio-visual generators and text and video summaries were the least aggressive on average.”

Risk

So what are the dangers of these extensions crawling your activity and personal information? Using data from Chrome-Stats, Incogni evaluated each extension based on how easily a developer or third party could make it act against a user’s interests and the level of damage such a breach could cause.


Only 10 out of a total of 442 studied ranked highly in both metrics:

[Figure: Most popular AI-powered extensions and their privacy ranking, 2026]

Google Translate came in at #4, while ChatGPT search was at #10.

What to see

Incogni points to several factors that may indicate unnecessary levels of data collection by your Chrome extension. While functional permissions make sense for extensions to function properly, others take too many liberties.

“Problems begin when an extension requires a level of permissions that cannot be justified given its stated purpose,” Incogni’s report said. “For example, a writing assistant extension that requires access to precise location data can and should raise suspicion.”
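The check described in that quote, together with the “scripting” concern raised earlier, can be run against an extension's manifest.json. The following is an added example, not code from Incogni or ZDNET; the purpose profiles, the `auditManifest` function and the sample manifest are assumptions constructed for illustration.

```javascript
// Added example: audit a Chrome extension manifest against its stated purpose.
// The purpose profiles below are illustrative assumptions, not Incogni's criteria.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
const PURPOSE_PROFILES = {            // hypothetical allowlists per category
  "writing-assistant": new Set(["storage", "activeTab", "scripting", "contextMenus"]),
  "audio-transcriber": new Set(["storage", "activeTab", "tabCapture"]),
};
const isHostPattern = (p) => p === "<all_urls>" || p.includes("://");

function auditManifest(manifest, purpose) {
  const allowed = PURPOSE_PROFILES[purpose] || new Set();
  const declared = [...(manifest.permissions || []), ...(manifest.optional_permissions || [])];
  // Manifest V2 mixes host patterns into "permissions"; V3 uses host_permissions.
  const hosts = [
    ...declared.filter(isHostPattern),
    ...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []),
    ...(manifest.content_scripts || []).flatMap((cs) => cs.matches || []),
  ];
  const apiPerms = declared.filter((p) => !isHostPattern(p));
  const findings = [];
  for (const p of new Set(apiPerms)) {
    if (!allowed.has(p)) findings.push({ kind: "unjustified-permission", value: p });
  }
  const broad = [...new Set(hosts)].filter((h) => BROAD_HOSTS.has(h));
  for (const h of broad) findings.push({ kind: "all-sites-access", value: h });
  // Script injection plus all-site access means reading or altering every page.
  const canInject = apiPerms.includes("scripting") || (manifest.content_scripts || []).length > 0;
  if (canInject && broad.length > 0) {
    findings.push({ kind: "inject-on-every-site", value: broad.join(",") });
  }
  return findings;
}

// Constructed sample manifest (not a real extension).
const SAMPLE_MANIFEST = {
  manifest_version: 3,
  name: "Example Writing Helper",
  permissions: ["storage", "scripting", "geolocation", "history"],
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["https://*/*"], js: ["content.js"] }],
};

const SAMPLE_FINDINGS = auditManifest(SAMPLE_MANIFEST, "writing-assistant");
console.log(SAMPLE_FINDINGS);
```

An empty result only means the declared permissions fit the chosen profile; it says nothing about where the extension sends the data it is allowed to read.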

While Incogni said that one challenge in this research was determining appropriate permissions and data collection, the company set a base guideline that users can refer to.


The research states, “The only objective criterion that can be applied when deciding whether to install a given extension is this: does personal data leave the host device? If it does, the extension represents an unacceptable risk under this approach.” Ultimately, it’s up to users how much privacy they want to sacrifice for added convenience.
